<?php
/**
* Authorization main controller class file.
*
* @author Christoffer Niska <cniska@live.com>
* @copyright Copyright &copy; 2010 Christoffer Niska
* @since 0.5
*/
class MainController extends Controller
{
	/**
	* @var Authorization component
	*/
	private $_auth;

	/**
	* Initialization.
	*/
	public function init()
	{
		$this->defaultAction = 'permissions';
		$this->_auth = Yii::app()->getModule('authorization')->auth;
	}

	/**
	 * @return array action filters
	 */
	public function filters()
	{
		return array(
			'accessControl', // perform access control for CRUD operations
		);
	}

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			array('allow', // allow admin user to perform 'admin' and 'delete' actions
				'actions'=>array(
					'permissions',
					'operations',
					'tasks',
					'roles',
					'promoteRole',
					'demoteRole',
				),
				'users'=>array($this->_auth->superUser),
			),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}

	/**
	* Displays the permission management page.
	*/
	public function actionPermissions()
	{
		// Get the roles
		$roleHierarchy = $this->_auth->hierarchy;

		// No need to display the super user
		unset($roleHierarchy[0]);

		// Render the view
		$this->render('permissions', array(
			'auth'=>$this->_auth,
			'authItems'=>$this->_auth->getAuthItems(array('operation', 'task')),
			'authChildMap'=>$this->_auth->authChildMap,
			'roleHierarchy'=>$roleHierarchy,
			'roleColumnWidth'=>(70/count($roleHierarchy)),
		));
	}

	/**
	* Displays the operation management page.
	*/
	public function actionOperations()
	{
		// Render the view
		$this->render('operations', array(
			'authItems'=>$this->_auth->getAuthItems('operation'),
			'isBizRuleEnabled'=>Yii::app()->getModule('authorization')->enableBizRule,
			'isBizRuleDataEnabled'=>Yii::app()->getModule('authorization')->enableBizRuleData,
		));
	}

	/**
	* Displays the operation management page.
	*/
	public function actionTasks()
	{
		// Render the view
		$this->render('tasks', array(
			'authItems'=>$this->_auth->getAuthItems('task'),
			'isBizRuleEnabled'=>Yii::app()->getModule('authorization')->enableBizRule,
			'isBizRuleDataEnabled'=>Yii::app()->getModule('authorization')->enableBizRuleData,
		));
	}

	/**
	* Displays the role management page.
	*/
	public function actionRoles()
	{
		// Get the roles
		$roleHierarchy = $this->_auth->hierarchy;

		// Render the view
		$this->render('roles', array(
			'roleHierarchy'=>$roleHierarchy,
			'roleHierarchyCount'=>count($roleHierarchy),
			'isBizRuleEnabled'=>Yii::app()->getModule('authorization')->enableBizRule,
			'isBizRuleDataEnabled'=>Yii::app()->getModule('authorization')->enableBizRuleData,
		));
	}

	/**
	* Action to promote a role.
	*/
	public function actionPromoteRole()
	{
		$this->_auth->promoteRole($_GET['name']);
		$this->redirect(array('roles'));
	}

	/**
	* Action to demote a role.
	*/
	public function actionDemoteRole()
	{
		$this->_auth->demoteRole($_GET['name']);
		$this->redirect(array('roles'));
	}


	/**
	* Action to assign a role to the given user.
	*/
	public function actionAssignRole()
	{
		$this->_auth->authManager->assign($_GET['name'], $_GET['userId']);
		$this->redirect($_GET['returnUrl']);
	}
}